5 minute read
Special - Sharpening the saw
Sharpening the saw
BY CAMILLE FRADIN AND DAVID LANNOY
Operational risk disclosures need sharpening up if banks are to cut the mustard under the disclosure regime that starts in 2022
Risk managers might not be in charge of taking business or strategic decisions, but they are critical contributors to the decision making process. Their role should offer insights that will maximise the chance to protect and create value in their organisations.
While we would believe that risk managers are good communicators, we have identified concerns in the current risk disclosure practices of companies. We have found that risk disclosures are dispersed throughout reports, that disclosures vary in quantity and quality, that the disclosures often use generic language, and that disclosures lack focus on actions that are to be undertaken.
This suggests that many risk managers are not taking advantage of the positive effects of drafting good risk management disclosures. Nor do they make visible the actions taken to reduce risk exposure to shareholders in order to gain trust – or make their risk management more transparent to increase organisational legitimacy.
Crucial driver
Those firms with growing market shares tend to give more consistent and rigorous risk disclosures to prove that they maintain high standards as they continue to expand. Companies with good performance provide higher-quality risk disclosure, as they report their strengths to improve stakeholders’ confidence. The quality of the disclosures is a crucial driver for investor and market confidence.
We have conducted fieldwork analysing the annual reports and operational risk disclosure reports from 18 banks from three countries (Belgium, France and Switzerland) to better understand their reporting practices’ status and readiness. We have used the Basel Accord IV requirements, 2017, describing the operational risk disclosures that must be found in banks’ annual reports by 2022.
To have a structured approach, we converted the regulatory requirements into five dimensions: design, governance, measurement, reporting and response (see Operational risk management disclosure dimensions). For each dimension, we analysed the information publicly available to measure the information quality. To assess the quality of the information provided, we created an aggregated index scoring from 1 to 10, considering the “width” and the “depth” of the information communicated. Ten is the highest score, one the lowest.
Governance scores well
We found encouraging results from our index for the information communicated about the governance of operational risk. The average score is 6,7/10, and more than half of the banks have 9 and 10. This shows that details about the roles, responsibilities and how the interactions with other controlling functions are organised are clearly described in reporting (see Governance index).
While the average score is slightly below 5, we observe that the results from design and measurement are promising. The dispersion of these dimensions’ scores is relatively high. It means that the gap between banks is high, but results can be reached by implementing some best practices that can be identified in almost 30 per cent of the banks which have scores of 8 and 9. Banks with the highest measurement and design scores are those communicating about specific operational risk measurement per risk category and per business line, and those making clear statements about updates, review cycles or improvements of their operational risk policies and practices (see Measurement & design index).
The two other dimensions are very disappointing. For the response dimension, a third of the banks provide a rationale explaining the strategy to address the risks, and only 11 per cent differentiate their risk response per risk type.
The most exciting aspect of the response dimension is that we found a strong correlation with two other dimensions: reporting and measurement. Specifically, if risk managers improve the response dimension, it will have a positive effect on reporting and measurement in a kind of a snowball effect. This shows where risk managers have to take action to maximise the quality of their disclosures. We have, therefore, clearly identified the most influential dimension in terms of leverage on the different aspects of the operational risk disclosures (see Response quality index).
Focusing on what
The most worrying dimension is reporting with an average index score of 2,3 and a very low dispersion, meaning that the index scores are stuck at the bottom. No one bank has a score above 6. The banks do not inform the disclosures’ readers about the type of information collected, with whom the information is shared and how often this information is discussed within the organisation. We found this very surprising, especially knowing that roles, responsibilities and interactions with other functions are clearly described in the governance section of disclosures. Not only focusing on the “whom” but also describing the “what” could significantly influence the quality of the disclosures (see Reporting quality index).
The scores provided need to be put into perspective: to make these measurements, we have used criteria that will need be implemented by 2022, and if some scores are disappointing, we have identified where the current weaknesses are and how they can be improved by sharing practices through effective communication with the right information.
Banks who want to improve their operational risk management disclosures should first focus on the response aspects. Their development will have leverage on the other dimensions, especially on reporting and measurement, which need a nudge to improve their quality and readiness. Operational risk managers should not underestimate the impact that has on the quality of the disclosures. Improving the regulatory reporting will demonstrate their professionalism and the impact on the organisation, and provide confidence to the reader of these reports.
Camille Fradin is a Master’s student in corporate finance at IESEG School of Management and David Lannoy is associate director risk training and practices at Chapelle Consulting.
